Security Bulletin

A year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected.

As the cost of data breaches continues to climb, the role of user and entity behavioral analytics (UEBA) has never been more important.

CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates...

CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for...

A 2025. 6. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.01.31. és 2025.02.06. között kezelt incidensek statisztikai adatait is tartalmazza.

The SSL 2.0 protocol was originally published back in February of 1995[ 1], and although it was quickly found to have significant security weaknesses, and a more secure alternative was released only a year later[ 2], it still received a fairly wide...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Local law enforcements need to steer away from "place-based policing" when investigating cybercrimes.

The North Korean APT group has leveraged a custom RDP Wrapper and new malware called forceCopy in recent campaigns.

A Chinese national is facing multiple charges of economic espionage and theft of trade secrets after he was accused of stealing AI technology from Google

Cybereason co-founders launch their second act with a security startup focused on offering a platform that uses agentic AI to offload repetitive tasks commonly performed by security analysts.